IBM Cognos Analytics 11.0.11 - Security

[CognosNewbie92506]

I am a newbie to Cognos and I am trying to test user security using only my login as a System Administrator.  Unfortunately, I don't have another LDAP user account to test with other than my own, and it is not practical to have another user sign in to Cognos and assist me with the security configuration.  I currently have access to everything as a System Administrator, but I need to find out if it is possible to add security rights to another role so that I can test security in different folders and reports. As I understand it a System Adm has access to everything, so it wouldn't be practical to test using an account associated with this role.  I also need to be able to change my permissions back to Sys Adm when done testing other roles/groups. Hence, that is why I am posing the question above.  Any assistance or advice would be greatly appreciated.   Thanks. 

[MFGF]

I am a newbie to Cognos and I am trying to test user security using only my login as a System Administrator.  Unfortunately, I don't have another LDAP user account to test with other than my own, and it is not practical to have another user sign in to Cognos and assist me with the security configuration.  I currently have access to everything as a System Administrator, but I need to find out if it is possible to add security rights to another role so that I can test security in different folders and reports. As I understand it a System Adm has access to everything, so it wouldn't be practical to test using an account associated with this role.  I also need to be able to change my permissions back to Sys Adm when done testing other roles/groups. Hence, that is why I am posing the question above.  Any assistance or advice would be greatly appreciated.   Thanks.

Hi,

There isn't an easy way to do this unless you use another login account to Cognos. When you are logged in under your ID, you can see and do everything, regardless of any restrictions placed, because you have System Admin privileges. You either need a second login to adopt the System Admin privileges while you remove yourself from that role, (so you can test security using your ID), or (preferably) set up a new user who is not a System Admin, and use this user to test your security, while leaving your own ID as a System Administrator. The biggest challenge you have really is figuring out how to get another LDAP user created.

If you do remove your ID from the System Administrators role, be VERY VERY careful. It's really easy to end up in a situation where you need System Admin privileges to add your ID back into the role, but you don't have access to any users with System Admin privileges. There are ways around this, but it's messy, so avoid going there if you can.

Cheers!

MF.